This diff enables `websteps` to use uTLS for TLS parroting. It integrates the `oohttp.StdlibTransport` wrapper which uses the `ooni/oohttp` fork. `oohttp` supports TLS-like connections like `utls.Conn`.
As a prototype, the testhelper and `websteps` code now uses the `utls.HelloChrome_Auto` fingerprint, i.e. the simulated TLS fingerprint of the Google Chrome browser.
It is a further contribution for my GSoC project.
Reference issue: https://github.com/ooni/probe/issues/1733
* feat: introduce ptx package for pluggable transports dialers
Version 2 of the pluggable transports specification defines a function
that's like `Dial() (net.Conn, error`).
Because we use contexts as much as possible in `probe-cli`, we are
wrapping such an interface into a `DialContext` func.
The code for obfs4 is adapted from https://github.com/ooni/probe-cli/pull/341.
The code for snowflake is significantly easier than it is in
https://github.com/ooni/probe-cli/pull/341, because now Snowflake
supports the PTv2 spec (thanks @cohosh!).
The code for setting up a pluggable transport listener has also
been adapted from https://github.com/ooni/probe-cli/pull/341.
We cannot merge this code yet, because we need unit testing, yet the
newly added code already seems suitable for these use cases:
1. testing by dialing and seeing whether we can dial (which is not
very useful but still better than not doing it);
2. spawning tor+pluggable transports for circumvention (we need a
little more hammering like we did in https://github.com/ooni/probe-cli/pull/341,
which is basically https://github.com/ooni/probe/issues/1565, and then
we will be able to do that, as demonstrated by the new, simple client which
already allows us to use pluggable transports with tor);
3. testing by launching tor (when available) with a set of
pluggable transports (which depends on https://github.com/ooni/probe-engine/issues/897
and has not been assigned an issue yet).
* fix: tweaks after self code-review
* feat: write quick tests for ptx/obfs4
(They run in 0.4s, so I think it's fine for them to always run.)
* feat(ptx/snowflake): write unit and integration tests
* feat: create a fake PTDialer
The idea is that we'll use this simpler PTDialer for testing.
* feat: finish writing tests for new package
* Apply suggestions from code review
* Update internal/ptx/dependencies_test.go
Co-authored-by: Arturo Filastò <arturo@openobservatory.org>
* Update internal/ptx/dependencies_test.go
Co-authored-by: Arturo Filastò <arturo@openobservatory.org>
* chore: use as testing bridge one that's used by tor browser
The previous testing bridge used to be used by tor browser but
it was subsequently removed here:
e26e91bef8
See https://github.com/ooni/probe-cli/pull/373#discussion_r649820724
Co-authored-by: Arturo Filastò <arturo@openobservatory.org>
This functionality should be helpful to test that the general
interface of the tunnel package is okay from the engine package.
Part of https://github.com/ooni/probe/issues/985
We use an optional build tag to hide this configuration. When you
choose this configuration, you need to provide the encrypted config
as well as the corresponding decryption key.
This is not the final design. This is an interim design to start
working and experimenting with this functionality. The general
idea here is to support psiphon in the binaries we build without
committing the psiphon config to the repository itself.
Part of https://github.com/ooni/probe/issues/985
* fix(pkg.go.dev): import a subpackage containing the assets
We're trying to fix this issue that pkg.go.dev does not build.
Thanks to @hellais for this very neat idea! Let's keep our
fingers crossed and see whether it fixes!
* feat: use embedded geoip databases
Closes https://github.com/ooni/probe/issues/1372.
Work done as part of https://github.com/ooni/probe/issues/1369.
* fix(assetsx): add tests
* feat: simplify and just vendor uncompressed DBs
* remove tests that seems not necessary anymore
* fix: run go mod tidy
* Address https://github.com/ooni/probe-cli/pull/260/files#r605181364
* rewrite a test in a better way
* fix: gently cleanup the legacy assetsdir
Do not remove the whole directory with brute force. Just zap the
files whose name we know. Then attempt to delete the legacy directory
as well. If not empty, just fail. This is fine because it means the
user has stored other files inside the directory.
* fix: create .miniooni if missing
* internal/engine/ooapi: auto-generated API client
* feat: introduce the callers abstraction
* feat: implement API caching on disk
* feat: implement cloneWithToken when we require login
* feat: implement login
* fix: do not cache all APIs
* feat: start making space for more tests
* feat: implement caching policy
* feat: write tests for caching layer
* feat: add integration tests and fix some minor issues
* feat: write much more unit tests
* feat: add some more easy unit tests
* feat: add tests that use a local server
While there, make sure many fields we care about are OK.
* doc: write basic documentation
* fix: tweak sentence
* doc: improve ooapi documentation
* doc(ooapi): other documentation improvements
* fix(ooapi): remove caching for most APIs
We discussed this topic yesterday with @FedericoCeratto. The only
place where we want LRU caching is MeasurementMeta.
* feat(ooapi): improve handling of errors during login
This was also discussed yesterday with @FedericoCeratto
* fix(swaggerdiff_test.go): temporarily disable
Before I work on this, I need to tend onto other tasks.
* fix(ootest): add one more test case
We're going towards 100% coverage of this package, as it ought to be.
* feat(ooapi): test cases for when the probe clock is off
* fix(ooapi): change test to have 100% unittest coverage
* feat: sync server and client APIs definition
Companion PR: https://github.com/ooni/api/pull/218
* fix(ooapi): start testing again against API
* fix(ooapi): only generate each file once
* chore: set version to 3.7.0-alpha
While there, make sure we don't always skip a currently failing
riseupvpn test, and slightly clarify the readme.
* fix(kvstore): less scoped error message
* chore: update dependencies
* chore: update user agent for measurements
* chore: we're now at v3.6.0
* chore: update assets
* chore: update bundled CA
* fix: address some goreportcard.com warnings
* fix(debian/changelog): zap release that breaks out build scripts
We're forcing the content of changelog with `dch`, so it's fine to
not have any specific new release in there.
* fix: make sure tests are passing locally
Notably, I removed a chunk of code where we were checking for network
activity. Now we don't fetch the databases and it's not important. Before,
it was important because the databases are ~large.
* fix: temporarily comment out riseupvn integration tests
See https://github.com/ooni/probe/issues/1354 for work aimed at
reducing the rate of false positives (thanks @cyBerta!)
This is how I did it:
1. `git clone https://github.com/ooni/probe-engine internal/engine`
2. ```
(cd internal/engine && git describe --tags)
v0.23.0
```
3. `nvim go.mod` (merging `go.mod` with `internal/engine/go.mod`
4. `rm -rf internal/.git internal/engine/go.{mod,sum}`
5. `git add internal/engine`
6. `find . -type f -name \*.go -exec sed -i 's@/ooni/probe-engine@/ooni/probe-cli/v3/internal/engine@g' {} \;`
7. `go build ./...` (passes)
8. `go test -race ./...` (temporary failure on RiseupVPN)
9. `go mod tidy`
10. this commit message
Once this piece of work is done, we can build a new version of `ooniprobe` that
is using `internal/engine` directly. We need to do more work to ensure all the
other functionality in `probe-engine` (e.g. making mobile packages) are still WAI.
Part of https://github.com/ooni/probe/issues/1335
* feat: sketch out periodic command
* feat: sketch out periodic command for macOS
* feat: implement darwin's launch agent
* refactor: better way to run on darwin
Make sure we have code that builds on all platforms.
* fix(run): max 10 URLs with darwin in unattended mode
* feat: add support for seeing/streaming logs
* feat: implement the status command and add usage hints
* feat(periodic): run onboarding if needed
* fix: no too confusing function names
* fix: s/periodic/autorun/
Discussed earlier this morning with @hellais.
* fix: we cannot show logs before Big Sur
Bug reported by @hellais.
The CloseReport method is gone. We don't need to close reports
anymore with the new OONI backend.
The InputsRequired flags now is InputsOrQueryTestLists.
This diff pins to ooni/probe-engine@3049779878
and starts using the recently introduced probe-engine APIs.
Namely, here, we use the InputLoader for loading URLs.
I've confirmed manually everything is still working as intended.
Part of https://github.com/ooni/probe/issues/1283.
(In particular, the InputLoader is the abstraction allowing us to load
input from several sources, including command line flags and external
files.)
* feat: use ooni/probe-engine@286613b74e and cleanup
1. zap unused configuration settings from the config file but do not
bump the version number because doing that _may_ interact in unexpected
ways with probe-desktop (hence https://github.com/ooni/probe/issues/1297)
and also because we've just _removed_ stuff for now, therefore any
previous configuration file will continue to work, except that we'll
be ignoring a bunch of options. In a future version of probe-cli I'll
spend some time to further improve config file management.
2. accordingly, make sure all current configuration files that are around
in the tree are current and only feature supported options.
3. update to ooni/probe-engine@286613b74e, which contains a bunch of
APIs that should allow us to simplify the interaction between the cli and
the engine, by sharing code more cleverly.
4. zap GetTestKeys because now we use code in probe-engine instead.
5. zap LogSummary because it was not being used.
6. the main change related to cleaning up the config and to the update
to the latest probe-engine is that include_{cc,asn,ip} settings are
gone and we now share the CC and the ASN and we never share the IP addr.
Reference issue: https://github.com/ooni/probe/issues/1283.
After this change is landed, there's a bunch more work to do to further
unify cli and engine. The final state will be that the cli uses ~the code
used by miniooni, so it will have a bunch of desirable options.
* fix: bindata after recent changes
* chore: set version to 3.0.12-alpha
I need to bless 3.0.11 now to pin to ooni/probe-engine v0.20.2.
* chore: update all dependencies
Most notably, pin to ooni/probe-engine 0.20.2.
This beta release incorporates recent fixes in ooni/probe-engine that we
would like to test and ship relatively soon.
I'm doing this as part of https://github.com/ooni/explorer/issues/495
* Update go-bindata and regenerate binary data
* Pin to ooni/probe-engine 0.17.0 and update dependencies
* Set version to 3.0.7
* Readme.md: better release instructions
* Use ooni/probe-engine 0.16.0
* Update all the other dependencies
* Use GitHub Actions rather than Travis CI
* Automatically build and test binaries on the target OS (for Windows, macOS, Linux on amd64)
* Make sure we correctly measure coverage
* Make sure we use `-race` when running tests
* Remove unnecessary scripts
* Make sure the README is up-to-date
* Write small script to update binary data and add GitHub Actions checks for it
* Notice that we needed to run ./updatebindata.sh and run it
* Self documenting instructions regarding cross compiling
* Set version number to v3.0.7-beta
Part of https://github.com/ooni/probe-engine/issues/748
* go.mod go.sum: pin to ooni/probe-engine@v0.13.0, update all other deps
Make sure dependencies of probe-engine are at the same exact version to
which is probe-engine, to avoid any possible issue.
* Readme.md: clarify the procedure for updating deps
* nettests/groups.go: remove redundant struct names
* go.mod go.sum: update deps except probe-engine
* Update to ooni/probe-engine@e768161f91
The API has changed. Methods that used to change bits of the session have
been removed. Now the session is more immutable than before.
As such, we need to completely fill the config before using it.
* Set IncludeCountry to always true
Co-authored-by: Arturo Filastò <arturo@filasto.net>
I'm pinning to ooni/probe-engine@72c12b0b81
because it generates more correct data and I think we're going to have
most likely this probe-cli version in the stable desktop release.